244b6ac6351077cc5a23a85020d01073b3e7d3e26e8fdb076ab8163a32c1262c | Triage

Sharing

Copy URL Twitter E-mail

General

Target

ad44dfb30885aea41200e26b57c0a32f_JaffaCakes118
Size

1.1MB
Sample

240820-a7t1ysvfka
MD5

ad44dfb30885aea41200e26b57c0a32f
SHA1

06bcd35fb625be987e6c9e966641435ededbf145
SHA256

244b6ac6351077cc5a23a85020d01073b3e7d3e26e8fdb076ab8163a32c1262c
SHA512

a4d6c2c92e050be44d52b0f0b0484e5612216e690dab75a3fe233ba9f709608a20a79bae3aeba5d12f0d2ab5cc4acab8c6b012bf44e79c713a41b9ae04d09e5b
SSDEEP

24576:Z1aGq8rU/Qki8rkL7GEkcPRYim9/bYCnprfB6cFsNlt:LrUkWkXRkcPyi4prfB6cFsNlt

Score

7^/10

aspackv2 discovery persistence

Malware Config

Targets

- Target
  
  ad44dfb30885aea41200e26b57c0a32f_JaffaCakes118
- Size
  
  1.1MB
- MD5
  
  ad44dfb30885aea41200e26b57c0a32f
- SHA1
  
  06bcd35fb625be987e6c9e966641435ededbf145
- SHA256
  
  244b6ac6351077cc5a23a85020d01073b3e7d3e26e8fdb076ab8163a32c1262c
- SHA512
  
  a4d6c2c92e050be44d52b0f0b0484e5612216e690dab75a3fe233ba9f709608a20a79bae3aeba5d12f0d2ab5cc4acab8c6b012bf44e79c713a41b9ae04d09e5b
- SSDEEP
  
  24576:Z1aGq8rU/Qki8rkL7GEkcPRYim9/bYCnprfB6cFsNlt:LrUkWkXRkcPyi4prfB6cFsNlt
Score

6^/10

discovery persistence
- Adds Run key to start application
  persistence
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence